note: Fortinet TAC doesn't like for you to know this cmd but it will not harm anything and has limited shell access.
The fnsysctl is a cli command that fortinet-TAC does not speak too much about. It allows for a single shell execution of limited unix executables ( ls, cat, ps, mount, more, grep, df, etc...). It can be a dangerous command for learning some of the inside working of a fortigate. And if your knowledge of linux/unix is strong like mine, you can find numerous & creative ways for using this command.
e.g ( determing my FWF60D linux kernel version, diskfile size and mount command )
Okay to find and kill the dhcp process or any proc as far as that goes, you have to understand that most process create a "pid" ( process id ). You can use the diag sys top command to find the top process , but I have a few tricks that you can use to find the one process that 's of interest.
1: by using the "ps" command
e.g
note: just search thru the list of running process
2: uses the "ls" command against the /var/run directory
NOTE: the var/run directory typically holds the proc pid in the shape and fashion of ;
/var/run/<process daemon name>.pid
e.g
3: by issuing the "diag sys top 25 100" command
NOTE: I'm using a delay of 25 secs and 100 lines so I can quickly scan thru most, if not all of the pids
Once you found the pid file name, you can "cat" or "more" the file name of interest;
e.g ( here I'm using the "more" command against 2 pid files )
Okay, so now that you found the pid(s) that you want to kill.
How do you kill it ?
Will you could hire her, but that could be a expensive and bloody encounter.
or
Use the diag sys kill command or even use the fnsysctl command.
e.g ( showing various ways to kill the process and rechecking for the new pid # )
So that's how you kill a fortigate process using the cli . When ever you kill a process is great to recheck that the proc has restart and to monitor any logs entries.
Doing this, can help ensure a 100% functional process and the daemon is working.
Ken Felix
Freelance Network /Security Engineer
kfelix a-t socpuppets d-o-t com
The fnsysctl command does not return anything on FortiMail 5.1.5.
ReplyDelete